Re. IP Shunt....
From this site:
ACM Portal
Quote:
A key observation, however, is that much of the traffic comprising a high-volume stream can, after some initial analysis, be qualified as "likely uninteresting."
To this end, we have developed an in-line, FPGA-based IPS ac-celerator, the Shunt, using the NetFPGA2 platform. The Shunt functions as the forwarding device used by the IPS; it alone processes the bulk of the traffic, offloading the memory bus and leaving the CPU free to inspect the subset of the traffic deemed germane for security analysis.
To do so, the Shunt maintains several large state tables indexed by packet header fields, including IP/TCP flags, source and destination IP addresses, and connection tuples.
The tables yield decision values the element makes on a packet-by-packet basis: forward the packet, drop it, or divert it through the IPS.
|
If you want that in english...
It is a firewall technology that allows the firewall to consider a particular source "safe, on the fly. This is handy with all the streaming video, etc people now do with computers. The amount of "data" may be huge, but the firewall doesn't need to spend time evaluating every byte.
That way the firewall can devote more time to guaging more sites thru less packets.